Microsoft has released details of hackers targeting both the Trump and Biden election campaigns, with Russia, China and Iran topping the top threat actors.
Microsoft says that a number of hackers, including the same group that compromised the network of the Democratic National Committee in 2016 – Strontium – were looking to target the 2020 election.
The group is believed to be tied to the Russian military intelligence division.
“It’s clear that foreign activity groups have stepped up their efforts,” targeting the Biden and Trump election campaigns, Microsoft says, making a plea that “we also believe more federal funding is needed in the U.S. so states can better protect their election infrastructure.”
“While the political organisations targeted in attacks from these actors are not those that maintain or operate voting systems, this increased activity related to the U.S. electoral process is concerning for the whole ecosystem.”
Tom Burt, Microsoft’s vice president has said that “what we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers, but also those who they consult on key issues.”
“In recent weeks, Microsoft has detected cyberattacks targeting people and organisations involved in the upcoming presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns.”
Burt aso addressed the group formerly known as Fancy Bear, now Strontium, who is believed to have links to the Russian intelligence service the GRU. He said that “similar to what we observed in 2016, Strontium is launching campaigns to harvest people’s log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations.”
It’s believed that Chinese hackers were actively targeting the Biden campaign, while Iranian hackers were preferencing their attacks on the Trump presidential reelection campaign.
A spokesperson for the Biden campaign has said that “we have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them,” while a Trump spokesperson said “we are a large target, so it is not surprising we see malicious activity directed at the campaign or our staff.”
“These activities highlight the need for people and organisations involved in the political process to take advantage of free and low-cost security tools to protect themselves as we get closer to election day,” he said.
As to why Microsoft was making the public statement, Burt said that “we disclose attacks like these because we believe it’s important the world knows about the threats to democratic processes. It is critical that everyone involved in democratic processes around the world, both directly or indirectly, be aware of these threats to take steps to protect themselves in both their personal and professional capacities.”
“We are taking extra steps to protect customers involved in election, government and policy making,” he added.
Bob Stevens, vice president of mobile security at Lookout has told The Guardian that remote working and increased reliance on mobile devices presents a number of areas in which hackers can exploit a potential vulnerability.
“Mobile devices now exist at the intersection of our work and personal lives… considering how reliant we are on them to support all aspects of our lives, bad actors have taken note,” he said.